In 2025, courts continued to issue significant decisions concerning the application of wiretap and privacy laws to pixels, session replay, and other website technologies. Over the past year, we have featured posts discussing claims regarding website analytics and advertising tools brought under the federal Wiretap Act, the California Invasion of Privacy Act (“CIPA”), the Video Privacy Protection Act (“VPPA”), and other laws.  A selection of posts highlighting important developments in this area is below. 

  • California Court Holds Plaintiffs’ Consent Defeats Claims Involving Use of Website Pixel. A California federal judge dismissed claims alleging that a website pixel disclosed viewing and browsing data in violation of the VPPA, federal Wiretap Act, CIPA, and other laws, holding that the plaintiff consented to the use of cookies and pixels by interacting with the website’s cookie banner, creating an account, and making purchases.  Lakes v. Ubisoft, Inc., 777 F. Supp. 3d 1047 (N.D. Cal. Apr. 2, 2025).  
  • Court Grants Summary Judgment: Website Vendor Cannot Read “Session Replay” Data “In Transit” Under CIPA. A California federal court dismissed CIPA Section 631 claims on summary judgment after concluding that session replay software does not satisfy the statute’s real-time interception element because user click, keystroke, and mouse movement data become readable only after transmission when the software has stored and reassembled the information. Torres v. Prudential Financial, Inc., 2025 WL 1135088 (N.D. Cal. Apr. 17, 2025). 
  • Court Applies Popa to Dismiss CIPA Pen Register Claim for Lack of Article III StandingApplying the Ninth Circuit’s decision in Popa v. Microsoft, a federal court in California  dismissed a CIPA § 638.51 pen register claim for lack of Article III standing, holding that the plaintiffs alleged only the collection of generic device and browser metadata—none of which constituted the kind of “embarrassing, invasive, or otherwise private” information necessary to establish a concrete injury. Khamooshi v. Politico LLC, 2025 WL 2822879 (N.D. Cal. Oct. 2, 2025). 
  • Third Circuit Affirms Dismissal of CIPA and CMIA Claims. The Court of Appeals for the Third Circuit affirmed dismissal of claims under CIPA and the California Confidentiality of Medical Information Act (“CMIA”).  The court rejected the CIPA claim by holding that the third party pixel provider was a direct recipient of the plaintiff’s browser communication and therefore not an illegal “interceptor,” and rejected the CMIA claim because the browsing data at issue reflected ordinary website navigation rather than “medical information” as required by the statute. Cole v. Quest Diagnostics Inc., 2025 WL 7451061 (3d Cir. Nov. 25, 2025). 
Tags: Class Actions, Consumer Protection, Data Privacy, Litigation, Ninth Circuit, technology, Third Circuit
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Kathryn Cahoy Kathryn Cahoy

Kate Cahoy co-chairs the firm’s Class Action Litigation Practice Group and serves on the leadership committee for the firm’s Technology Industry Group. A highly skilled litigator, she defends clients in complex, high-stakes class action disputes, securing significant victories across various industries, including technology…

Kate Cahoy co-chairs the firm’s Class Action Litigation Practice Group and serves on the leadership committee for the firm’s Technology Industry Group. A highly skilled litigator, she defends clients in complex, high-stakes class action disputes, securing significant victories across various industries, including technology, entertainment, consumer products, and financial services. Kate also plays a key role in the firm’s mass arbitration defense practice. She regularly advises companies on the risks associated with mass arbitration and has a proven track record of successfully defending clients against these challenges.

Leveraging her success in class action litigation and arbitration, Kate helps clients develop strategic and innovative solutions to their most challenging legal issues. She has extensive experience litigating cases brought under California’s Section 17200 and other consumer protection, competition, and privacy laws, including the Sherman Act, California Consumer Privacy Act (CCPA), California Invasion of Privacy Act (CIPA), Wiretap Act, Stored Communications Act, Children’s Online Privacy Protection Act (COPPA), Video Privacy Protection Act (VPPA), along with common law and constitutional rights of privacy, among others.

Kate’s exceptional legal work has earned widespread recognition. The Daily Journal named her successful defense of Meta and Microsoft cases described below as among its Top Verdicts, recognizing some of the largest and most impactful verdicts in California.

Recent Successes:

Represented Meta (formerly Facebook) in a putative nationwide advertiser class action alleging violations under the California Unfair Competition Law (UCL) related to charges from allegedly “fake” accounts. Successfully narrowed claims at the pleadings stage, defeated class certification, opposed a Rule 23(f) petition, won summary judgment, and defended the victory on appeal to the Ninth Circuit. (Daily Journal, Top Verdicts of 2021. Law.com recognized Kate with a Litigator of the Week Shoutout.
Defeated a landmark class action lawsuit against Microsoft and OpenAI contending that the defendants scraped data from the internet for training generative AI services and incorporated data from users’ prompts, allegedly in violation of CIPA, the Computer Fraud and Abuse Act (CFAA), and other privacy and consumer protection laws. (Daily Journal, Top Verdicts of 2024.)

Kate regularly contributes to the firm’s blog, Inside Class Actions, and was recently featured in a Litigation Daily interview titled “Where Privacy Laws and Litigation Trends Collide.” In recognition of her achievements in privacy and antitrust class action litigation, the Daily Journal named her as one of their Top Antitrust Lawyers (2024), Top Cyber Lawyers (2022), and Top Women Lawyers in California (2023). Additionally, she received the Women of Influence award from the Silicon Valley Business Journal, was recognized by the Daily Journal as a Top Attorney Under 40, and also was named to Bloomberg Law’s They’ve Got Next: The 40 Under 40 list.

Read more about Kathryn CahoyEmail
Show more Show less
Photo of Jordan Joachim Jordan Joachim

Jordan Joachim is a litigator focused on complex commercial and class action litigation, including breach of contract, privacy, cybersecurity, securities, and shareholder derivative matters. He has worked with clients in a wide range of industries, including technology, financial services, life sciences, energy, and…

Jordan Joachim is a litigator focused on complex commercial and class action litigation, including breach of contract, privacy, cybersecurity, securities, and shareholder derivative matters. He has worked with clients in a wide range of industries, including technology, financial services, life sciences, energy, and media and has extensive experience handling cases involving complex technologies.

Jordan has experience representing clients at all stages of litigation, from case inception through trial and appeal. He has drafted dispositive motions, managed complex discovery, taken and defended depositions, cross-examined witnesses at trial, and briefed appeals in federal and state courts.

Read more about Jordan JoachimEmail
Show more Show less
Photo of Angela Li Angela Li

Angela Li is an associate in the firm’s Los Angeles office whose practice focuses on tech-sector commercial litigation, class actions, and data privacy disputes. Angela draws from her years of experience as a former tech lead and software engineer at Meta Platforms (Facebook)…

Angela Li is an associate in the firm’s Los Angeles office whose practice focuses on tech-sector commercial litigation, class actions, and data privacy disputes. Angela draws from her years of experience as a former tech lead and software engineer at Meta Platforms (Facebook), where she built features for Facebook Groups and AR/VR network connectivity, and worked on privacy compliance for user location data. Before Covington, Angela helped draft and design the Vermont Data Privacy Act (passed 2024) and researched Intellectual Property and First Amendment issues facing AI Developers as part of Harvard Law School’s Berkman Klein Center for Internet & Society.

Read more about Angela LiEmail
Show more Show less